But first STOP what you're doing and secure your database code. The code you have here is vulnerable to SQL injection attacks. Even if you are not concerned with attacks, names containing apostrophes will cause database errors.

You can solve these problems by using the PostgreSQLPreparedStatement class.

You should probably do some sort of password hashing, and be sure to do your username lookups in lowercase, to avoid username case-sensitivity issues.